The passwords of thousands of people were leaked from Facebook, including those of former Self-Defense Forces members, the Sankei Shimbun learned from sources connected with cybersecurity who investigated the leakage. The SDF members’ passwords were stolen in February, three months before the number of leaked passwords began to grow in number in May. The sources suspect that a group of hackers initially launched a cyberattack targeting people who handled sensitive information.
According to the security company Sola.com, which investigated the incident, as of September 3, there were 29,000 cases of information leakage in which Facebook IDs and passwords were stolen via fake messages. However, during February and March, when damage was believed to have been limited to about 100 cases each month, at least seven former SDF members’ IDs and passwords were stolen.
In this cyberattack, if a user clicks on a fake message, a screen for entering an ID and password appears. Once the user’s ID and password are entered, they are stolen. Then fake messages are sent from the user’s account to all of his or her friends, which leads to a sharp increase in the number of victims.